package com.zzzzzz.account.reset;

import javax.annotation.Resource;

import org.apache.shiro.authz.annotation.RequiresGuest;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import com.zzzzzz.account.signin.OnlineService;
import com.zzzzzz.account.ticket.ExpiredTicketException;
import com.zzzzzz.account.ticket.NoSuchTicketException;
import com.zzzzzz.account.user.NoSuchUserException;
import com.zzzzzz.common.message.Message;
import com.zzzzzz.common.util.FieldModel;
import com.zzzzzz.core.web.BaseController;

@Controller
public class ResetPasswordController extends BaseController {

	@Resource
	private ResetPasswordService resetPasswordService;
	@Resource
	private OnlineService onlineService;

	@RequiresGuest
	@RequestMapping(value = "/account/reset", method = RequestMethod.GET)
	public String resetPage(Model model) {
		return "account/reset";
	}

	@RequiresGuest
	@RequestMapping(value = "/account/reset", method = RequestMethod.POST)
	public String sendResetMail(Model model, @RequestParam String email, BindingResult result, RedirectAttributes redirectAttributes) {
		try {
			resetPasswordService.sendResetMail(email);
			Message.info("An email has been sent to you.  Follow its instructions to reset your password.");
			return "redirect:/account/reset";
		} catch (NoSuchUserException e) {
			model.addAttribute("email", FieldModel.error("无此邮箱", email));
			return null;
		}
	}
	
	@RequestMapping(value="/account/reset/{token}", method=RequestMethod.GET)
	public String resetPasswordForm(Model model, @PathVariable String token, RedirectAttributes redirectAttributes) {
		if(onlineService.isSignedIn()) {
			redirectAttributes.addFlashAttribute("您已登录");
			return "account/invalidToken";
		}
		
		if (!resetPasswordService.isValidResetToken(token)) {
			return "account/invalidToken";
		}
		model.addAttribute(new ChangePasswordForm());
		return "account/resetPassword";
	}
	
    @RequestMapping(value="/account/reset/{token}", method= RequestMethod.POST)
    public String resetPassword(Model model, @PathVariable String token, @ModelAttribute ChangePasswordForm changePasswordForm, BindingResult bindingResult, RedirectAttributes redirectAttributes) {
    	
    	if(bindingResult.hasErrors()){
			model.addAttribute("token", token);
			return "account/resetPassword";
		}

		try {
			resetPasswordService.changePassword(token, changePasswordForm.getPassword());
			redirectAttributes.addFlashAttribute("Your password has been reset");
			return "redirect:/reset";
		}catch(NoSuchTicketException e){
			redirectAttributes.addFlashAttribute(Message.error("Your reset password session has expired.  Please try again."));
			return "redirect:/reset";
		}catch(ExpiredTicketException e){
			redirectAttributes.addFlashAttribute(Message.error("Your reset password session has expired.  Please try again."));
			return "redirect:/reset";
		}
    }
}
